How secure your web framework is?
In this talk I would like to present few recently discovered security vulnerabilities in the Apache Struts 2 web framework
and based on that try to increase developers' awareness of the overall application security. In my opinion,
nowadays developers don’t care about the security too much, they depend on what the framework gives them. Quite often,
then even don’t check security bulletins to see if a new vulnerability wasn’t discovered recently in his/her famous
framework. I would like show few web attacks and explain how it was possible to harm an application or even entire server,
how to prevent such kind of attacks in the future and so on. Examples will base on the Apache Struts 2, but almost all
the same problems were pointed out in the Spring MVC or in the Apache Wicket. Each framework has its own weaknesses :-)
